Category: Breach Laws

V. John Ella writes: North Dakota has amended its data breach notification law to include “medical information” and “health insurance information.” See N.D. Century Code, Section 51-30-01.  Amendments to the law also provide an exemption for HIPAA  covered entities, business associates, or subcontractors so long as they are in compliance with breach notification requirements under title 45, Code…

Günther Leissler and Veronika Wolfbauer explain: The European regulatory framework on electronic communications obliges providers of public electronic communications services to notify personal data breaches to their national authorities.(1) However, the European Commission recently found a lack of harmonisation among member states in this respect, and exercised its power to issue technical implementing measures on the…

Joseph J. Lazzarotti of Jackson Lewis LLP writes: On June 14, 2013, Texas Governor Rick Perry signed S.B. 1610 amending Texas’ data breach notification law to remove language limiting the application of the data breach notification requirement to Texas residents and residents of states that do not require notification, permit, for residents of states other than Texas that require notification of a breach, notice to be…

Michael Young writes: On May 13, 2013, Vermont Governor Peter Shumlin signed H.513 into law. The new law includes an amendment to Vermont’s Security Breach Notice Act, 9 V.S.A. § 2435. Previously, under § 2435, Vermont-regulated financial institutions were exempt from notifying any Vermont authority in case of a security breach involving personally identifiable data. The new…